CIS Firewall ver6.0.64131.2674 some questions

[Raul90]

Just installed CIS Firewall ver6.0.64131.2674 in an XP machine and it's looking great. I was able to 'import settings' of the old ver5.12 edited it(removed the GPCode/KsecDD rule etc and saved it. Actually using the Sandbox for FF17.01 now as I am writing this one. I see that what I print or download goes to the C:\VTRoot folder.

Is there a way to let me know that the sandbox still has files inside..? Something like SBIE's Quick Recovery invocation...I may accidentally delete or 'reset sandbox' and it will be too late to know that I have lost something I downloaded or printed.

What is that 'Scan' there in the home gui? I only downloaded the firewall and I did not install the AV. Pairing CIS 6 with AvastFree for now.

About Watch Activity>KillSwitch, as of the moment my internet connection is a bit slow. Can I just download it separately and install it? It's taking quite long...

How can I test the keylogger/screenlogger capability of ver 6? Any ideas? I used to have SpyShelter test tool but I seem to have misplaced it after removing from the other system.

I have disabled auto-sandbox for now as it seems sluggish when it's running with the HIPS. When I was using version 5.12 it was also off but even when that was 'on' it wasn't this sluggish. Any ideas? There are no other realtime security apps running except AvastFree(auto-sandbox disabled) and CIS ver6.

CIS ver6 seems a very good but still observing here. I got a stealthed reading from PCFlank and ShieldsUP.


free image hosting

Also observed that when I clicked 'Update' and it checks that I have the update version, the home gui still says "Never Updated".


photo sharing sites


Thank you.

 

[illumination]

Is there a way to let me know that the sandbox still has files inside..? Something like SBIE's Quick Recovery invocation...I may accidentally delete or 'reset sandbox' and it will be too late to know that I have lost something I downloaded or printed.

Introduction to the CIS6 Sanbox

About Watch Activity>KillSwitch, as of the moment my internet connection is a bit slow. Can I just download it separately and install it? It's taking quite long...

You can download it separate, but it will not be version 6 of Killswitch, as of now it comes with CIS only, it will be an older version. The newer version allows you to see what processes are virtualized.

How can I test the keylogger/screenlogger capability of ver 6? Any ideas? I used to have SpyShelter test tool but I seem to have misplaced it after removing from the other system.

This would be a question for Umbra.

I have disabled auto-sandbox for now as it seems sluggish when it's running with the HIPS. When I was using version 5.12 it was also off but even when that was 'on' it wasn't this sluggish. Any ideas? There are no other realtime security apps running except AvastFree(auto-sandbox disabled) and CIS ver6.

Did you chose the whole suit or just the firewall in the installer?

Also observed that when I clicked 'Update' and it checks that I have the update version, the home gui still says "Never Updated".

Have you restarted since you installed?

 

[Deleted member 178]

I was able to 'import settings' of the old ver5.12 edited it

you should not, they are not compatible

Is there a way to let me know that the sandbox still has files inside..? Something like SBIE's Quick Recovery invocation...I may accidentally delete or 'reset sandbox' and it will be too late to know that I have lost something I downloaded or printed.

No, you have to check the folder

What is that 'Scan' there in the home gui? I only downloaded the firewall and I did not install the AV. Pairing CIS 6 with AvastFree for now.

The wrongly done GUI.

About Watch Activity>KillSwitch, as of the moment my internet connection is a bit slow. Can I just download it separately and install it? It's taking quite long

as Illumination said

How can I test the keylogger/screenlogger capability of ver 6? Any ideas? I used to have SpyShelter test tool but I seem to have misplaced it after removing from the other system

.

you can use Comodo leak test, there is a big thread on comodo's Forum for how set it up for testing CIS v6.

I have disabled auto-sandbox for now as it seems sluggish when it's running with the HIPS. When I was using version 5.12 it was also off but even when that was 'on' it wasn't this sluggish. Any ideas? There are no other realtime security apps running except AvastFree(auto-sandbox disabled) and CIS ver6.

the auto-sandbox is improved and is now the Behavior Blocker , you should not disable it.

Also check my post to understand how BB & HIPS works now: http://malwaretips.com/Thread-CIS-v6-BB-HIPS

Also observed that when I clicked 'Update' and it checks that I have the update version, the home gui still says "Never Updated".

you don't have the AV installed so this is why

 

[illumination]

What is that 'Scan' there in the home gui? I only downloaded the firewall and I did not install the AV. Pairing CIS 6 with AvastFree for now.

The wrongly done GUI.

Thank you Umbra, i overlooked that he did not install AV, and answered a few wrongly because of. :blush:

 

[Deleted member 178]

btw, he should uninstall and re-install it and without importing the settings. it may fix some errors/bugs.

i always found useless to use comodo FW instead of CIS; the cloud's detection becomes useless since without the AV you can't remove the infection.

 

[illumination]

btw, he should uninstall and re-install it and without importing the settings. it may fix some errors/bugs.

i always found useless to use comodo FW instead of CIS; the cloud's detection becomes useless since without the AV you can't remove the infection.

I agree, he should reinstall it without the imported settings. This was a major makeover for CIS. Also agree about just using the firewall, have always preferred to use the whole suite if im going to use it.

 

[Raul90]

Thanks Umbra/illummination for the reply there.

I was able to 'import settings' of the old ver5.12 edited it

you should not, they are not compatible
-- Hmmm..seems to be okay but I removed and started to do the rules from scratch. Seems to be okay except on some programs that Comodo seems to have problem "remembering". Still observing here.

Is there a way to let me know that the sandbox still has files inside..? Something like SBIE's Quick Recovery invocation...I may accidentally delete or 'reset sandbox' and it will be too late to know that I have lost something I downloaded or printed.

No, you have to check the folder
-- If I create a shortcut on the desktop will it stay even if I reset?

What is that 'Scan' there in the home gui? I only downloaded the firewall and I did not install the AV. Pairing CIS 6 with AvastFree for now.

The wrongly done GUI.
-- wrongly done gui...is this my doing? I did not install the AV..have been careful abiout that ever since I used CIS. Is there anything that can be done or will I leave it just that?

About Watch Activity>KillSwitch, as of the moment my internet connection is a bit slow. Can I just download it separately and install it? It's taking quite long

as Illumination said
-- Have managed to downlaod it after 3 hrs and it's okay now.

How can I test the keylogger/screenlogger capability of ver 6? Any ideas? I used to have SpyShelter test tool but I seem to have misplaced it after removing from the other system

.

you can use Comodo leak test, there is a big thread on comodo's Forum for how set it up for testing CIS v6.
-- Will check it out thanks.

I have disabled auto-sandbox for now as it seems sluggish when it's running with the HIPS. When I was using version 5.12 it was also off but even when that was 'on' it wasn't this sluggish. Any ideas? There are no other realtime security apps running except AvastFree(auto-sandbox disabled) and CIS ver6.

the auto-sandbox is improved and is now the Behavior Blocker , you should not disable it.

Also check my post to understand how BB & HIPS works now: http://malwaretips.com/Thread-CIS-v6-BB-HIPS
-- Am taking a look at it now thank you.

Also observed that when I clicked 'Update' and it checks that I have the update version, the home gui still says "Never Updated".

you don't have the AV installed so this is why

-- so this is a gui bug as in "update"..?

 

[Deleted member 178]

Most issues you have is because you don't use the full suite, for v6 i always used the full suite to get all the potential of CIS especially since the AV module is better than before.

-- If I create a shortcut on the desktop will it stay even if I reset?

I never tried, CIS sandbox is not system wide, so the shortcut will stay i suppose, unless created inside Kiosk.

 

[Raul90]

Hello,

I have just uninstalled and re-installed Comodo firewall and the condition is still the same asof first post. Have I used the right installer?

Comodo Firewall - cfw_installer.exe(127mb)

COMODO Firewall 2013
http://download.comodo.com/cis/download/installs/2000/standalone/cfw_installer.exe

Is this the correct installer? I have also downloaded the COMODO Internet Security 2013 installer and it says,

cispremium_installer.exe(127mb)

COMODO Internet Security 2013
http://download.comodo.com/cis/download/installs/2000/standalone/cispremium_installer.exe

Now that is with the AV correct? How come the firewall-only installer and the cispremium_installer.exe are the same size at 127mb..? Or I erred in my download?

Will see if the shortcut will be retained or not when I exit/reset the sandbox later.


Got also conflicting reports from ShieldsUP an PCFlank today. Shield'sUP says I "failed" due to "ping". PCFlank says otherwise. See images below.


image sharing


host images


Thank you

 

[Deleted member 178]

The installers are good, don't worry.

be careful some of those "Firewall testers" test your router instead your firewall

 

[NathanF1]

What is that 'Scan' there in the home gui? I only downloaded the firewall and I did not install the AV. Pairing CIS 6 with AvastFree for now.

The Scan button in Comodo Firewall executes a File Ratings scan, also found in General Tasks.

Also observed that when I clicked 'Update' and it checks that I have the update version, the home gui still says "Never Updated".

I've updated the AV definitions and ran a CCE scan. The Never Updated status didn't change. Probably related to product updates only or a bug I guess?
You can remove items displayed in the Task Bar by right-clicking and selecting Remove from Task Bar from the popup menu. Right-clicking on icons in the Tasks windows will toggle the action to Add/Remove, depending on the currently displayed set of shortcuts.

 

[jasonX]

I see that the OP has AvastFree paired with CIS ver6. I just saw that the issue with the Avast WebShield and Comodo has not been corrected after all in version 5.12. See here

 

[Raul90]

Thank you NathanF1 for the reply. I think I'll leave it all at that at the moment. Still trying to be acquainted with the new gui. I seem to see that the response time in this system when viewing logs or editing rules is a bit slow as compared to ver5.12. After I set/edit a rule or just view the Firewall events and close the window it seems slow to respond.

Can someone confirm that particular Avast bypass is still an issue(re: Avast WebShield)..anyone? This setup is in an XP SP3 desktop and I seem to remember that the problem was only in Windows 7...

 

[HeffeD]

This setup is in an XP SP3 desktop and I seem to remember that the problem was only in Windows 7...

There is no problem with Win XP.

 

[Raul90]

This setup is in an XP SP3 desktop and I seem to remember that the problem was only in Windows 7...

There is no problem with Win XP.

Hi HeffeD,

Sorry for the late reply. Thanks for the confirmation on the Avast "thing" on XP

 

[Moose]

Has anyone tried the latest Emsisoft Internet Security with Private Firewall. Just a little sluggish! Only couple of seconds. I am thinking about giving Comodo Firewall a try, only because of the Sandbox feature. Not sure! This is why, I am asking the question will Comodo Firewall enable a sandbox feature around the browser for better protection?

Or would it be better to use a browser like http://spoon.net/browsers/ Or a VPN Service?

 

[Deleted member 178]

CIS sandbox the browsers and even has a sandboxed environment (Kiosk)

 

[Moose]

I know that C.I.S. sandbox the browser, but what about Comodo Firewall without C.I.S? For example,with Emsisoft Internet Security?

 

[VectorFool]

I know that C.I.S. sandbox the browser, but what about Comodo Firewall without C.I.S? For example,with Emsisoft Internet Security?

I had Comodo Dragon installed on my PC
when i installed Comodo Firewall, it automatically created a Link for "Virtual Comodo Dragon"

 

[Deleted member 178]

I know that C.I.S. sandbox the browser, but what about Comodo Firewall without C.I.S? For example,with Emsisoft Internet Security?

EIS = EAM (AV & BB) + OAP (FW & HIPS), so you can't use OAP and CFW (FW & HIPS) together, you must choose between EAM + CFW or EIS or CIS.

If you really need CFW go for CIS , the suite is great , if you really need EAM and CFW , you can do my old combo (aka "Umbra Virus"): CIS + EAM